Home > Hjt Log > HJT Log Please Let Me Know If I'm Still Infected

HJT Log Please Let Me Know If I'm Still Infected

I ran htj after rebooting and didn't see the blank.htm files (see attached). angel14 22.07.2010 19:30 QUOTE(richbuff @ 22.07.2010 03:39) Welcome. Save your installers and licenses on a flash drive for the re-install of windows. LOG is attached.3. have a peek at these guys

These are the filepaths you need to enter into killbox. now there is a weird folder named "32788R22FWJFW" on my C: in which there is a folder called "License" and in there is a file called """iexplore.exe"""... How to turn it off/on: http://support.kaspersky.com/faq/?qid=208279208 Also, scan again with Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php Update it first, scan and attach its log, but Please Don't remove anything yet, until the log is richbuff 23.07.2010 04:18 Hi, Please take off caps lock, and then install all Windows Vista Service Packs and Windows updates.

The file will not be moved unless listed separately.) Task: {14E91521-D805-4BFF-B2C2-B6C3B22182B0} - System32\Tasks\SafeZone scheduled Autoupdate 1468820078 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {17D71364-DA87-40A2-9371-B117F90F2DDA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2663092148-2684428880-4007880259-1000Core => C:\Users\Lynne\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-26] (Google Inc.) Task: Lastly, uninstall Combofix by: pause Kaspersky > Start > run > type combofix /uninstall > ok. Instead, open a new thread in our security and the web forum. The problems i m having are ...

Oct 24, 2006 #8 Ray B TS Rookie Topic Starter Posts: 41 Its time for me to go home for the day, and was only able to complete the adaware scan. just one more query:--- there is a weird folder named "32788R22FWJFW" on my C: in which there is a folder called "License" and in there is a file called """iexplore.exe"""... Can anyone help???? Logfile of HijackThis v1.99.1 Scan saved at 1:24:35 PM, on 1/9/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe

Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). Share this post Link to post Share on other sites lieven53    New Member Topic Starter Members 13 posts ID: 7   Posted January 29, 2009 hello,just went through all of Oct 14, 2007 #6 siedog TS Rookie Topic Starter Posts: 46 Ok, I've used hjt to fix the entry, but i noticed it also had the entry: O4 - HKCU\..\Run: [Kkuknkg] OK I think I did it right, here they go and please let me know what you find.

I can do a clean install if needed. Instead, open a new thread in our security and the web forum. Without them, all of the antivirus programs in the world can not secure your computer. You only need to follow the instructions in my Thread.

Im looking at how to post your hijack this log as an attachment ???? It is extremely critical that Service Pack 1 and 2 are installed. THAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANKSS!!!! Jun 20, 2007 Infected computer Jan 13, 2009 Computer infected Sep 13, 2008 Computer infected Jan 29, 2010 Is my computer infected?

a) when i goto google/hotmail,etc it redirects me to some fake google site in which headings are with virus names like MYDOOM VIRUS, NETSKY VIRUS, HYBRID VIRUS, ETC ETC these virus More about the author Oct 14, 2007 #13 howard_hopkinso TS Rookie Posts: 24,177 +19 Your page file isn`t overly large, so unless your having problems with it, I recommend you leave it alone. what shall i do with it??4. Follow all the instructions exactly.

Follow all the instructions exactly. Regards Howard :wave: :wave: This thread is for the use of Ray B only. angel14 7.09.2010 12:30 QUOTE(angel14 @ 7.09.2010 11:14) Hi RichB, the same issue is back again.... http://exomatik.net/hjt-log/hjt-log-not-sure-what-i-m-infected-with.php Is this correct?

angel14 7.09.2010 22:34 hi richb,1. please advise asap thanks! Share this post Link to post Share on other sites lieven53    New Member Topic Starter Members 13 posts ID: 9   Posted January 30, 2009 Helo again,here u gothank you

The computer then begins to start in Safe mode.[*] select the admin account or your account with full admin privileges[*] the option to use the windows system restore then appears, just

is it kaspersky file ? Nothing else in the logs indicates that you are still infected.Now that you appear to be clean, please follow these simple steps in order to keep your computer clean and secure:Disable R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm Delete this file. All Activity Home Malware Removal Help Malware Removal for Windows Resolved Malware Removal Logs Infected Privacy Policy Contact Us Back to Top Malwarebytes Community Software by Invision Power Services, Inc. ×

Run HJT with no other programmes open(except notepad). Please don`t post your own virus/spyware problems in this thread. Let me know if that entry still shows up. news attaching AVZ file after updating windows and kaspersky.4.

after successfully rebooting... Please don`t post your own virus/spyware problems in this thread. there was one file detected as trojan.agent.ck which i opted to REMOVE/DELETE.3. Did the new user profile cmd thing, then ran FRST, both scans came back HOWEVER...I went to locate the New User Profile to copy paste and am unable to locate it,

Help - Search - Members Full Version: browser hijack, infected by trojan malware Kaspersky Lab Forum > English User Forum > Virus-related issues angel14 21.07.2010 11:26 PLEASE HELP!hi i understand u You have the words that give eternal life. Instead, open a new thread in our security and the web forum. last time it was trying through a .vbs TEMP file which the Kaspersky Application control was stopping while i was having the same issues again.malwarebytes nor kaspersky are able to detect

Thank you again January 9th, 2009 #5 mommydanise Guest HJT Log Here's the first logfile you asked for... Oct 26, 2006 #22 Ray B TS Rookie Topic Starter Posts: 41 Sorry but I forget, am I too save the HJT notepad before closing it?? Results 1 to 2 of 2 Thread: SlimCleaner Hijack Log Thread Tools Show Printable Version Email this Page… Subscribe to this Thread… Search Thread Advanced Search Display Linear Mode Switch Instead, open a new thread in our security and the web forum.

Instead, open a new thread in our security and the web forum. Ask a Question See Latest Posts TechSpot Forums are dedicated to computer enthusiasts and power users. then format the drive and re-install windows..... HERE IT IS IN THE ATTACHMENT.thanks.AGAIN ....

Also, have HJT fix the O4 - HKCU\..\Run: [Kkuknkg] "C:\Program Files\Common Files\?ystem32\m?hta.exe" entry. If you have same or other issue, please see the first Important read me topic, and then open a New Topic for yourself.